DETAILED ACTION

• Applicant's amendment filed on 12/3/2009 has been entered. Applicant has 
amended claims 1, 21, and 42; canceled claim 41 and added claim 46. Currently 
claims 1, 2, 9, 21, 27-30, 34, and 37-40, and 42-46 are pending in this 
application. 

• Examiner acknowledges clarification of claim language of claim 42 to overcome 
rejection under 35 U.S.C. 112. As a result, all rejections under 35 U.S.C. 112 are 
withdrawn. 



Priority 

1. This application is filed as a continuation in part (CIP) of application 10/113875. In 
order for claims in the CIP application (that is, a continuation-in-part of an earlier U.S. 
application) to receive the effective filing date of the parent application, claims in the 
new application must be supported by the specification and claims of the parent 
application. Examiner, in order to establish the effective filing date for claims in this 
application, reviewed parent application 10/113875 and was not able to find support for 
both independent claims 1 and 21 of this application in the parent application. For 
example, claims 1 and 21 both require, among other limitations, "wherein when the 
verification service causes the web page object to have at least one of the first and 
second contents, the web page object appears invisible to the visitor after it is rendered 
by the visitor's browser". Examiner was unable to find support for all these limitations in 
the parent application (10/113875). As a result, examiner asserts that all the 
independent claims receive the effective filing date of 09/29/2003, which is the filing date 
of this application. Since the independent claims aren't fully supported by the parent 
application, dependent claims which incorporate all the limitations of independent claims 
also are not fully supported by the parent application. As a result, all the dependent 
claims also receive the effective filing date of 09/29/2003. 



Response to Arguments 

2. Applicant's arguments filed 12/3/2009 regarding 35 U.S.C. 101 first paragraph 
rejection of claims 1, 2, 9, 34, and 37-45 have been fully considered but they are not 
persuasive for the following reasons: 

• Applicant argues that, "The Examiner has rejected Claims 1, 2, 9, 34, and 37-45 
under 35 U.S.C. 101 as being directed to non-statutory subject matter. 
Applicant respectfully notes that such rejection is avoided in view of the 
amendment made to independent Claim 1 hereinabove." 

• Examiner respectfully disagrees and would like to point out that requiring the 
verification service to perform its tasks utilizing a computer does not 
incorporate the computer into the apparatus. The apparatus as claimed still 
consists of only a web page object and a verification service, both of which are 
software components, and therefore the claimed "apparatus" would amount to 
computer programs, a type of functional descriptive material, per se. 

3. Applicant's arguments filed 12/03/2009 have been fully considered but they are 
not persuasive for the following reasons (Note: Examiner would like to point out that 
Applicant's arguments fail to comply with 37 CFR 1.111(b) because they amount to a 
general allegation that the claims define a patentable invention without specifically 
pointing out how the language of the claims patentably distinguishes them from the 
references. Applicant simply first recites the claim language, then summarizes what 
examiner cited as a reference, and finally concludes with the statement that merely 
disclosing what the reference teaches is not the same as what the claim is, without 
providing any arguments in support of such assertion.) 

• Regarding Claims 1 and 9, applicant argues that, "However, merely using 
output from a port or vulnerability scanning tool to create an XML document 
that is parsed to check that the document is valid and well formed, in addition 
to disclosing a port scanning tool and a back-end database system, as in 
Blyth, fails to disclose a technique "wherein the scanning engine parses the 
set of XML files and stores records of the parsed set of XML files in the 
database in association with an account number of a provider of the online 
service" (emphasis added), as claimed." 

• Examiner respectfully disagrees and would like to point out that Fig. 1 clearly 
discloses the scanning engine parsing the set of XML files and storing 
records of the parsed set of XML files in the database. Furthermore, the 
argument that records are not stored in the database in association with an 
account number of a provider of the online service is also not found 
persuasive because Fig. 6 clearly discloses that the result of the scan includes the 
URL and an IP address of a provider of the online service, both of which can 
be interpreted as an account number. Both the URL and an IP address are 
registered in DNS and are used to identify the online service provider; 
therefore both the URL and IP address can be interpreted as an account 
number of a provider of the online service. Also see Fig. 2, which discloses a 
Target field in the XML, and see Fig. 5, which discloses a database containing 
a target field; all the vulnerabilities are stored in association with the target 
address, which is an IP address and URL of the online service for which the 
scanning is performed. 

• Applicant further argues that, "However, merely disclosing a job scheduling 
module that initiates customer jobs and uses a customer profile to tell a 
command engine what services a customer should receive, as in Bunker, fails 
to disclose a technique "wherein the scanning is performed according to a 
schedule" (emphasis added), as claimed by applicant. Merely disclosing a job 
scheduling module that initiates customer jobs, as in Bunker, fails to disclose 
a technique "wherein the scanning is performed according to a schedule" 
(emphasis added), as specifically claimed by applicant." 

• Examiner respectfully disagrees and would like to point out that Bunker 
clearly discloses that scanning is performed according to a schedule. See 
paragraph 0052, "The job scheduling module 202 can initiate customer jobs 
at any time. It uses the customer profile 204 information to tell the 
Command Engine 116 what services the customer should receive, for 
example, due to having been purchased, so that the Command Engine 116 
can conduct the appropriate range of tests" and also paragraph 0054, 
which recites, "The customer profile 204 may be used by the Command 
Engine 114 to conduct an appropriate set of tests 516 on the customer's 
systems 1002." This part clearly recites that the command engine uses a customer 
profile to schedule an appropriate range of tests based on what services 
customers have paid for. Applicant should also note that the set of tests is 
equivalent to scanning the customer's computer network for security 
vulnerabilities (see, Paragraph 0069, "Figuratively, the Command Engine 116 
is the "brain" that orchestrates all of the "basic tests" 516 into the security 
vulnerability attack simulation used to test the security of customer systems 
and networks 1002"). 

• Regarding Claim 42, applicant argues that, "Applicant again notes that the 
above excerpts from Bunker relied on by the Examiner merely disclose a job 
scheduling module that initiates customer jobs and uses a customer profile to 
tell a command engine what services a customer should receive, which fails 
to disclose a technique "wherein the schedule is requested by the customer" 
(emphasis added), as claimed by applicant. Merely disclosing a customer 
profile that is used to tell a command engine what services a customer should 
receive, as in Bunker, fails to disclose that "the schedule is requested by the 
customer" (emphasis added), as specifically claimed by applicant." 

• Once again examiner respectfully disagrees and would like to point out that 
Bunker discloses the schedule is requested by the customer (see, Paragraph 
0052, "The job scheduling module 202 can initiate customer jobs at any 
time. It uses the customer profile 204 information to tell the Command 
Engine 116 what services the customer should receive, for example, due to 
having been purchased, so that the Command Engine 116 can conduct the 
appropriate range of tests 516." and also paragraph 0054, "Customer 
Profile information includes that information discussed in this specification 
which would typically be provided by the Customer"). Therefore, the tests for 
vulnerability are scheduled according to the customer profile, and the 
customer profile is provided by the customer; therefore, the schedule is 
requested by the customer. As a result, rejection is maintained. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

4. Claims 1, 2, 9, 34, and 37-40 and 42-46 are rejected under 35 U.S.C. 101 
because the claimed invention is directed to non-statutory subject matter. 

Claim 1 recites, "An apparatus for providing a security status of an on-line 
service, comprising: a web page object; a verification service". The claimed 
apparatus is directed to software per se, which does not show the physical transformation. 
Therefore, the claimed "apparatus" would amount to computer programs, a type of 
functional descriptive material, per se. As such, the claimed system/apparatus must 
include the hardware necessary to realize any of the functionality of the claimed 
modules and produce a useful, concrete and tangible result. Absent recitation of such 
hardware as part of the claimed apparatus, it is considered non-statutory. 

Claims 2, 9, 34 and 37-40, and 42-46 depend on claim 1; therefore they are rejected 
with the same rationale applied against claim 1 above. 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1, 2, 9, 21, 27-30, 37-39, and 42-45 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Khaishgi et al. (US 6,658,394 B1), hereinafter "Khaishgi" in 
view of Guirguis (Guirguis, Ragi; "Network- and Host-Based Vulnerability Assessments: 
An Introduction to a Cost Effective and Easy to Use Strategy": GIAC Security Essentials 
(GSEC) Practical, Version 1.4b, Publication Data: June 14, 2003), hereinafter 
"Guirguis" and further in view of Tiso (Tiso, John: "Automated Security Scanning": Sys 
Admin, Volume 9, Issue 10, Pages 73-78, Publication: October 2000), hereinafter 
"Tiso" and Bunker, V et al. (US 2003/0028803), hereinafter "Bunker" and further in view 
of Blyth (Blyth, Andrew: "An XML-based architecture to perform data integration and 
data unification in vulnerability assessments". Information Security Technical Report, 
Volume 8, Issue 4, April 2003, Pages 14-25), hereinafter "Blyth". 

Regarding Claims 1 and 21, Khaishgi discloses an apparatus and corresponding 
method for providing a security status of an on-line service, comprising: 

a web page object (Column 1, lines 26-28, "electronic seals") that is automatically 
rendered by a browser when a visitor uses the browser (Fig. 5, Numerals 52, 54, 56, 
and 58, and at Column 2, lines 34-44, "browser") to access one or more web pages of 
the on-line service (Fig. 1, Numeral 4, "Merchant") via a public network (Fig. 1, Numeral 
12, "Network"); and 

a verification service (Fig. 2, Numeral 8, "Certification Service") that hosts the 
web page object (Fig. 2, Numeral 22, "Seal Servers") separately from the one or more 
web pages of the on-line service (Fig. 2, Numeral 4, Merchant's server(s) numeral 4 are 
separate from the "Seal servers 22" of "Certification Service", also refer to Column 3, 
lines 14-25), and further controls contents of the web page object, utilizing a computer 
(Column 3, lines 26-42), 

wherein the visitor is not required to take any action other than requesting access 
to the on-line service via the browser to receive the security status through the 
automatic rendering of the web page object by the visitor's browser (Column 2, lines 66-67 
and Column 3, lines 1-2, "Merchants 4 post their corresponding electronic seals on 
their web sites or in electronic mail messages (emails) in order to increase the 
confidence of potential customers", Note: Since the web-page of the merchant contains the 
link of the seal, the seal is generated and displayed on the web-page when the client 
generates a request for a web-page from a merchant; the client will only need to take 
further action (i.e. click on the seal) if the client wants "more information" about the seal and 
merchant, refer to Column 3, lines 14-25), and 

wherein the verification service causes the contents of the web page object to be 
changed in accordance with its prior determination of a level of the security status 
(Column 4, lines 60-67 and Column 5, lines 1-7, "When user 6 accesses a merchant 4, 
client device 10 is directed to retrieve a seal from seal servers 22. More specifically, 
seal servers 22 receive a request from computing device 10 that includes a unique 
identifier for one of the merchants and, therefore, uniquely identifies one of the media 
objects within seal repository 25 (step 52). Seal servers 22 log the request by storing 
the IP address within request log 24 (step 54) and select the appropriate media object 
according to the unique identifier (step 56)."), such that when the verification service 
determines, in a first verification operation prior to the visitor's access request, that the 
on-line service has a first level of the security status, it causes the web page object to 
have first contents (Column 4, lines 60-67 and Column 5, lines 1-7, Seal server provide 
the electronic seal corresponding to the merchant to the client), and when the 
verification service determines, in a second verification operation prior to the visitor's 
access request, that the on-line service has a different second level of the security 
status (Column 4, lines 49-52, "Next, seal maintenance modules 27 periodically 
regenerate the media objects in order to update the embedded information including the 
expiration date (Step 48)."), it causes the web page object to have different security 
status levels via the browser's automatic rendering of the prior-determined and changed 
web page object contents when the visitor requests access to the on-line service 
(Column 4, lines 52-54, "For example, a new set of media objects can be generated daily 
in order to facilitate detection of expired seals"), and 

wherein the first and second verification operations to determine the on-line 
service's security status and control the contents of the web page object are performed 
by the verification service prior to and completely independently from the visitor's 
request to access the on-line service, and independently from any action by the visitor 
and visitor's browser (Column 4, lines 28-57, Note: Both the seal generation and 
maintenance are done by certification service and these steps are done completely 
independently from the visitor's request to access the on-line service, i.e. visitor's 
request to access the on-line service does not trigger initial seal request operation from 
merchant (Fig. 3) or the maintenance which can be done daily), and 

wherein when the verification service causes the web page object to have at 
least one of the first and second contents, the web page object appears invisible to the 
visitor after it is rendered by the visitor's browser (Column 4, lines 54-57, "In one 
configuration, seal issuer 8 generated a media object having a transparent image when 
the corresponding merchant 4 loses its certification status. In this manner, the seal 
"disappears" from the merchant web site"). 

Khaishgi discloses changing the seal in response to detecting expiration of the seal 
(Column 4, lines 54-57). Khaishgi does not explicitly disclose: 

wherein the levels of the security status displayed for the visitor via the automatic 
rendering of the web page object indicate how vulnerable devices and services of the 
on-line service are to hackers and other online security threats as determined by the 
first and second verification operations; wherein at least one of the first and second 
verification operations includes scanning the on-line service from a remote address on 
the network and wherein the scanning produces a set of XML files including information 
about open ports, available service, network protocols, security exposures and 
vulnerabilities associated with a device providing the on-line service and wherein a scan 
header record associated with the scanning is stored in a database. 

Guirguis discloses a system (nessus engine) which detects how vulnerable 
devices and services of the on-line service are to hackers and other online security 
threats as determined by a verification operation (see, Page 2, 2nd Paragraph, 
"Vulnerability assessments identify and suggest fixes for possible vulnerabilities that 
attackers might exploit in operating systems or in mail, HTTP, and FTP servers.") and 
wherein at least one of the first and second verification operations includes scanning the 
on-line service from a remote address on the network (See Page 5, Section 3.1.3) and 
wherein the scanning produces a set of XML files including information about open 
ports, available service, security exposures and vulnerabilities, the information 
associated with a device providing the on-line service (see, Page 2, 2nd paragraph and 
Page 6, Section 3.1.4) wherein a scan header record associated with the scanning is 
stored in a database (see, Page 6, 2nd Paragraph). 

Therefore, it would have been obvious at the time the invention was made to one 
of ordinary skill in the art to scan the online services of Khaishgi from a remote location 
for vulnerabilities as taught by Guirguis because "performing VAs on company systems 
provide three key pieces of information necessary for improving their security: 1) it is 
easier to locate which systems are vulnerable, 2) it identifies what services/components 
are vulnerable, and 3) it suggests the best method for repairing the vulnerabilities (i.e. - 
it recommends which patch or software version should be used/applied). Performing 
this procedure on a regular basis allows IT professionals to find and repair possible 
security vulnerabilities before attackers find and exploit them." (See, page 2, 2nd 
paragraph). 

The combination of Khaishgi and Guirguis further discloses the scan header 
record including a number of vulnerabilities classified by severity level (see, Guirguis, 
Page 6, 1st paragraph) and the combination further discloses wherein the scanning is 
performed using a scanning engine of the verification service (see, Guirguis, Page 5, 
section 3.1.2). 

The combination of Khaishgi and Guirguis does not explicitly disclose the scan 
header record including a date, launch time, and duration. 

However, Tiso discloses generating a scan report including date, launch time and 
duration (see, Page 74, Table 1). 

Therefore, it would have been obvious at the time the invention was made to one 
of ordinary skill in the art to add, in the scan report of the combination of Khaishgi and 
Guirguis, the date, launch time and duration of the scan as taught by Tiso so that a reviewer of 
the report can simply look at the summary to get some overview of the scan results. 

The combination of Khaishgi, Guirguis and Tiso does not disclose wherein at 
least one of the first and second verification operations include determining the security 
status by comparing a fingerprint of a new vulnerability to a stored list of the devices 
and services and without performing an actual scan or test of the devices and services. 

However, Bunker discloses determining the security status by comparing a 
fingerprint of a new vulnerability to a stored list of the devices and services and without 
performing an actual scan or test of the devices and services (paragraph 0019 lines 11-14, 
"The configuration of the new vulnerability may be compared to the customer's 
system network configuration in the last test for the customer.") 

Therefore, it would have been obvious at the time the invention was made to one 
of ordinary skill in the art to further modify the virus scanner of the combined system of 
Khaishgi, Guirguis and Tiso to send an alert based on information in the stored profile and 
newly received vulnerability information without requiring a new scan, as taught by 
Bunker, so "only customers affected by the new security vulnerabilities may receive the 
alert" (paragraph 0020 lines 1-2). Also, this kind of configuration provides real time 
security alerts that warn operators to perform appropriate action when a newly 
received security vulnerability can potentially harm their system. 

The combination of Khaishgi, Guirguis, Tiso and Bunker discloses XML file 
information about open ports, available service, security exposures and vulnerabilities, 
the information associated with a device providing the on-line service but does not 
explicitly disclose XML file including information about a network protocol, the 
information associated with a device providing the on-line service and wherein the 
scanning engine parses the set of XML files and stores records of the parsed set of 
XML files in the database in association with an account number of a provider of the 
online service and wherein the database stores the information about generic services 
expected to be running on the open ports. 

However, Blyth discloses XML file including information about a network protocol, 
the information associated with a device providing the on-line service (see, Fig. 7, 
"servicename = SSH" "servicename = "smtp") and wherein scanning engine parses the 
set of XML files and stores records of the parsed set of XML files in the database in 
association with an account number of a provider of the online service (see, Page 16, 
1st paragraph, Fig. 1 and also Fig. 6). 

Therefore, it would have been obvious at the time the invention was made to one 
of ordinary skill in the art to parse the set of XML files produced by the combination of 
Khaishgi, Guirguis, Tiso and Bunker into the database as taught by Blyth so that "large 
quantities of security-related information can be captured within a single database 
schema" (see, Blyth, Abstract). 

The combination of Khaishgi, Guirguis, Tiso, Bunker and Blyth further discloses 
wherein the database stores the information about generic services expected to be 
running on the open ports (see, Blyth, Page 17, 1st paragraph, "the name of the service 
that is normally associated with that port number"). 

The scanning system of Guirguis does not explicitly disclose that the scanning is 
performed according to a schedule. However, Bunker further discloses wherein the 
apparatus is operable such that the scanning is performed according to a schedule (See 
paragraph 0052, "The job scheduling module 202 can initiate customer jobs at any 
time. It uses the customer profile 204 information to tell the Command Engine 116 
what services the customer should receive, for example, due to having been purchased, 
so that the Command Engine 116 can conduct the appropriate range of tests" and 
also paragraph 0054, which recites, "The customer profile 204 may be used by the 
Command Engine 114 to conduct an appropriate set of tests 516 on the 
customer's systems 1002." This part clearly recites that the command engine uses a customer 
profile to schedule an appropriate range of tests based on what services customers have 
paid for. Applicant should also note that the set of tests is equivalent to scanning the 
customer's computer network for security vulnerabilities, see, Paragraph 0069, 
"Figuratively, the Command Engine 116 is the "brain" that orchestrates all of the "basic 
tests" 516 into the security vulnerability attack simulation used to test the security of 
customer systems and networks 1002"). 

Therefore, it would have been obvious at the time the invention was made to one 
of ordinary skill in the art to have the scanning of the combined system performed 
according to a schedule as taught by Bunker, to automate the task of triggering a 
network scan and to use the scheduling so that the command engine can conduct the 
appropriate range of tests (security scan). (See, Bunker, Paragraph 0052). 

Regarding Claims 2 and 27, rejections of claims 1 and 21 are incorporated and the 
combination of Khaishgi, Guirguis, Tiso, Bunker and Blyth further discloses wherein the 
on-line service comprises devices and services (Fig. 1, Numeral 4, representing web-servers 
of Merchant 4) and verification service determines the security status level of 
the on-line service (Column 2, lines 44-46, "Seal issuer 8 verifies the credentials, 
policies or business practices of each Merchant 4 and issues a corresponding seal of 
certification to each merchant 4 upon verification.") by evaluating vulnerability scan of 
the devices and services comprising the on-line service (see Guirguis, Page 6, Section 
3.1.4) 

Application/Control Number: 10/674,878 

Art Unit: 2435 

Regarding Claims 9 and 28, rejections of claims 2 and 27 are incorporated and 
the combination of Khaishgi, Guirguis, Tiso, Bunker and Blyth further discloses 
verification service periodically receives result of a new vulnerability scan of the devices 
and services comprising the on-line service and causes the contents of the web page 
object to be changed if a changed security status level is determined, thereby 
automatically providing the visitor with an updated security status (see Guirguis, Page 5, 
Section 3.1.3, and Khaishgi, Column 4, lines 49-57) 

Regarding Claim 29, the rejection of claim 21 is incorporated and the 
combination of Khaishgi, Guirguis, Tiso, Bunker and Blyth further discloses the web 
page object comprises an image and an associated URL (Column 3, lines 28-31, "Each 
media object contains media, such as image data, video data, and audio data, that 
merchant 4 presents as an electronic seal of certification." and also at Column 3, lines 
58-67, URL for the seal). 

Regarding Claim 30, the rejection of claim 21 is incorporated and the 
combination of Khaishgi, Guirguis, Tiso, Bunker and Blyth further discloses the web 
page object comprises a graphical file whose contents are periodically updated in 
accordance with a periodically determined security status level (Column 3, lines 28-31, 
"Each media object contains media, such as image data, video data, and audio data, 
that merchant 4 presents as an electronic seal of certification." and at Column 4, lines 
49-57, "Next, seal maintenance modules 27 periodically regenerate the media objects in 
order to update the embedded information including the expiration date (step 48). For 
example, a new set of media objects can be generated daily in order to facilitate 
detection of expired seals.") 

Regarding Claim 37, the rejection of claim 36 is incorporated and the 
combination of Khaishgi, Guirguis, Tiso, Bunker and Blyth further discloses the records 
include a detail record for each positive test result associated with the scanning (see, 
Blyth, Fig. 11). 

Regarding Claim 38, the rejection of claim 1 is incorporated and the combination 
of Khaishgi, Guirguis, Tiso, Bunker and Blyth further discloses wherein the visitor is 
allowed to log in and review interactive reports associated with the scanning (see, 
Khaishgi Fig. 6 for user requesting the merchant information combined with Guirguis, 
Page 6, Section 3.1.4). 

Regarding Claim 39, the rejection of claim 1 is incorporated and the combination 
of Khaishgi, Guirguis, Tiso, Bunker and Blyth further discloses wherein the levels of 
security status displayed for the visitor includes a security meter (see, Khaishgi, Fig. 6 
combined with Guirguis, Page 6, Section 3.1.4). 

Regarding Claim 42, the rejection of claim 1 is incorporated and the combination 
of Khaishgi, Guirguis, Tiso, Bunker and Blyth further discloses wherein the scanning is 
performed according to a schedule and is requested by a customer (see, Bunker, 
Paragraph 0052, "The job scheduling module 202 can initiate customer jobs at any 
time. It uses the customer profile 204 information to tell the Command Engine 116 
what services the customer should receive, for example, due to having been purchased, 
so that the Command Engine 116 can conduct the appropriate range of tests 516." 
and also paragraph 0054, "Customer Profile information includes that information 
discussed in this specification which would typically be provided by the Customer". 
Therefore, the tests for vulnerability are scheduled according to the customer profile, and 
the customer profile is provided by the customer; therefore, the schedule is requested by 
the customer). 

Regarding Claim 43, the rejection of claim 1 is incorporated and the combination 
of Khaishgi, Guirguis, Tiso, Bunker and Blyth further discloses wherein the information 
in the database is initialized manually (see, Khaishgi, Column 4, lines 32-34 describing 
manual registration process). 

Regarding Claim 44, the rejection of claim 43 is incorporated and the 
combination of Khaishgi, Guirguis, Tiso, Bunker and Blyth further discloses wherein the 
information in the database is initialized automatically (see, Khaishgi, Column 4, lines 
32-34, describing automatic registration process). 

Regarding Claim 45, the rejection of claim 1 is incorporated and the combination 
of Khaishgi, Guirguis, Tiso, Bunker and Blyth further discloses wherein the scanning is 
performed on each device registered by the on-line service in the database (see, 
Bunker, Paragraphs 0052-0054). 



Claim 34 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Khaishgi in view of Guirguis, Tiso, Bunker and Blyth and further in view of Nessus Scan 
Report (retrieved from: 
http://web.archive.org/web/20001217231600/www.nessus.org/demo/report.txt, 
Publication: 2000), hereinafter "Nessus Scan Report". 

Regarding Claim 34, the rejection of claim 1 is incorporated and the combination 
of Khaishgi, Guirguis, Tiso and Bunker further discloses the database stores the 
information about the open ports on the device providing the online services (see Page 
6, 1st paragraph). 

The combination does not, however, explicitly disclose including in the report 
actual services running on the open ports, including a version and network message 
protocol associated with the actual services. 

However, Nessus Scan Report discloses a report that includes actual services 
running on the open ports, including a version and network message protocol 
associated with the actual services (see, Nessus Scan Report, "Information found on 
port ftp (21/tcp) bonsai microsoft ftp service (version 4.0). 500 'get / http/1.0': 
command not understood"). 

Therefore, it would have been obvious at the time the invention was made to one 
of ordinary skill in the art to add, in the scan report of the combined system of Khaishgi, 
Guirguis, Tiso and Bunker, information about the actual services running on the open ports, 
including a version and network message protocol associated with the actual services 
so that the administrator of the web server can identify vulnerabilities within open ports 
and resolve them efficiently. 

Claim 40 is rejected under 35 U.S.C. 103 (a) as being unpatentable over 
Khaishgi in view of Guirguis, Tiso, Bunker, Blyth and further in view of Nyanchama et al. 
(US 2003/0154269 A1), hereinafter "Nyanchama". 

Regarding Claim 40, the rejection of claim 1 is incorporated and the combination 
of Khaishgi, Guirguis, Tiso, and Bunker does not explicitly disclose wherein the levels of 
the security status displayed for the visitor include an overall numeric rating. 

However, Nyanchama discloses displaying the levels of security status that 
include an overall numeric rating (see Paragraph 0031). 

Therefore, it would have been obvious at the time the invention was made to one 
of ordinary skill in the art to include, in the security status report of the combined system 
of Khaishgi, Guirguis, Tiso and Bunker, an overall numeric rating as taught by 
Nyanchama because that provides "automated assessment and quantification of, or 
security risks associated with, the vulnerabilities of computer network" (see, 
Nyanchama, Paragraph 0001). 

Claim 46 is rejected under 35 U.S.C. 103 (a) as being unpatentable over 
Khaishgi in view of Guirguis, Tiso, Bunker and Blyth and further in view of Lloyd et al. 
(US 2002/0129161 A1), hereinafter, "Lloyd". 

Regarding Claim 46, the rejection of claim 1 is incorporated and Khaishgi 
discloses a transparent image as a seal for an expired seal; Khaishgi further 
discloses that the web page object appears invisible to the visitor after it is rendered by the 
visitor's browser due to a transparent image being provided to the visitor for display on 
the visitor's browser (see, Khaishgi, Column 4, lines 54-57). 

Khaishgi does not explicitly use a single dot GIF image to get the transparent 
image. 

Lloyd discloses using a single dot GIF image to make the image imperceptible 
(see, Paragraph 0013, "In some embodiments, the webby is designed to be 
imperceptible. In a non-limiting implementation of the webby, the content object may 
comprise a transparent GIF or JPEG, which includes one or more pixels."). 

Therefore, it would have been obvious at the time the invention was made to one 
of ordinary skill in the art to use a single dot GIF image, in the system of Khaishgi, as 
taught by Lloyd to make the seal of Khaishgi invisible so that the seal disappears from the 
merchant web site when the merchant loses its certification status (see, Khaishgi, Column 
4, lines 54-57). 

Conclusion 

6. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to YOGESH PALIWAL whose telephone number is 
(571)270-1807. The examiner can normally be reached on M-F: 7:30 AM - 5:00 PM 
EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Y.P./ 

Examiner, Art Unit 2435 
/Kimyen Vu/ 